Finance General Uncategorized

Use the Fraud Triangle to understand Business Fraud

is your company vulnerable to business fraudBusiness fraud can do massive damage to a SME, not only financially but also to its reputation. It can be defined as a knowing and wilful act of dishonesty by a perpetrator designed to bring them some benefit, usually financial.
Perpetrators can be customers, suppliers, employees, contractors and, of course, the various email and internet-based attempts to extract money or information, such as its database of customers, from a company by activities generally known as phishing and hacking.

What is the Fraud Triangle?

The Cressey Fraud Triangle was devised by American criminologist Donald Cressey and explained the three factors that need to be present to make a business vulnerable to fraud: Opportunity, Pressure and Rationalisation.
Opportunity is about weaknesses in your business processes that lead a potential fraudster to believe there is a low risk of being caught.
Pressure can come from such things as a financial or emotional source, such as debt, a gambling habit, addictions, or overwhelming bills, or perhaps a sense of injustice in the perpetrator, such as an employee who does not believe they are treated fairly.
Rationalisation is about the perpetrator finding justifications for their fraudulent behaviour such as “just borrowing” money or items for a short time, or that it is acceptable to take money from a big corporation.

Use the Fraud Triangle to protect your SME from business fraud

You can use the Fraud Triangle as a tool to establish whether, and where, your SME may be vulnerable to business fraud and to then establish protocols to minimise the risk.
The elements needed for your business to minimise the risk of business fraud are not only about personal behaviour but also about separating various functions – who is responsible for carrying out various elements of the business process. It is not uncommon in a small business for people to have to multi-task, but wherever possible tasks should be separated and assigned to different people and especially those that relate to money.
For example, having a single person responsible for administration, book keeping, order processing and invoicing, or to have the same person responsible for managing accounts payable and accounts receivable will make your business vulnerable to fraud.
A business fraud protocol is also about defining expectations for excellent record keeping and checking mechanisms and making it clear that should be actually acted upon, not simply written down somewhere.
Once clear guidelines are set about how people are expected to behave and are provided in writing to everyone in the business, you should also require a written signature to ensure they have been read, understood and accepted.
If a fraud is subsequently identified the perpetrator will not be able to rely on the defence that they were not informed that such action was a problem.
You should be alert to any “alarm bells”, such as a change in a person’s behaviour where they have otherwise seemed to be reliable. This can include misplacing files, regularly working late, paying undue attention to a specific customer, never taking holidays or owed time off and refusing help with projects.
You should also have a system of checks in place, this isn’t about reconciling the pennies but monitoring and regularly checking cash payments and receipts, purchase orders, invoices, discounts, credit notes and write-offs, and using ratios to track margins and trends.
Having a business fraud protocol is not enough on its own.  You should also build regular scrutiny of records and transactions into your business processes.

Accounting & Bookkeeping Cash Flow & Forecasting Finance General Insolvency

Detecting and combating business fraud

detecting business fraud
Any business without robust systems can be vulnerable to fraud, either perpetrated by third-party criminals, suppliers, clients or even internally, by employees.
It has been calculated that the typical organization loses 5% of its annual revenue each year due to employee fraud.
As with cybercrime, which we have covered in previous blogs, prevention is preferable to dealing with the consequences, and will help avoid unnecessary loss of cash and write down of profits.
This means monitoring, having clear policies and processes for handling money but also checking they are being followed.

Signs of possible business fraud

Business fraud comes under three main headings, asset misappropriation, corruption and financial fraud.
Watch for unusual behaviour, such as people calling in sick frequently, becoming defensive or irritable. Be alert to complaints from clients or customers relating to a specific employee.
In bank reconciliations, deposits or cheques not included in the reconciliation could be indicative of theft. Other symptoms include credits, write offs, phoney customers, cancelled and refunded till receipts with no documented proof of the reason, also duplicate payments, excessive expenses claims and altered time sheets. The big giveaway here is inadequate accounting systems, inadequate records and a lack of reconciliation that all help conceal fraud.
Another giveaway may be in the stock inventory where the available stock does not match with records. The big giveaway here is inadequate stock control, poor record keeping and a lack of stock checks.

Minimising the opportunity for business fraud

Top of the list is to ensure that there is robust record keeping for all transactions, whether it be transactions with customers and clients, ordering of stock and materials or book keeping.  There should be a clearly-explained reporting system for employees to use if they identify a possible problem.
Keeping records alone is not enough, however.  Regular independent checks to identifying any discrepancies is essential for monitoring the accuracy of reports as well as identifying inappropriate activity.
Make sure that you know your employees so you can detect changes in attitude and behaviour and that they are aware of the business’ policy on fraud prevention and the penalties for anyone caught.
Similarly, if a business is approached by a new client with a potential large order, it is wise to check their credentials with a credit reference agency or, if it is another business, with one of the many services that vet business clients.  It is also helpful to make any new order conditional on payment of a deposit, which can be anywhere from 10% to 50%, and setting up a system of staged payments.
Finally, if fraud appears to be systematic there are outside experts, such as Certified Fraud Examiners (CFE), Certified Public Accountants (CPA) and CPAs who are Certified in Financial Forensics (CFF) who can be hired to investigate.
Prevention of fraud costs far less than the consequences which in some cases can cause a business to become insolvent.

County Court, Legal & Litigation Debt Collection & Credit Management General Rescue, Restructuring & Recovery Turnaround

Are businesses vulnerable to fraud?


One our investment portfolio companies, Music Room Direct, is a small internet retail business that supplies musically themed goods via online sales that are paid by credit card when the order is placed.

We were horrified to find that once the goods had been delivered the credit card transaction could be cancelled and the funds recalled. We immediately contacted our bank’s credit card administrator, who sent a form asking us to respond within 10 days.

We complied immediately but were horrified to find that our bank had already refunded the customer.

Fortunately on this particular occasion we were able to contact the customer who acknowledged their mistake  as an accounts department error and repaid the money immediately.

But when we questioned the administrator, Global Payments, which administers credit cards for several mainstream banks, it transpired that there is absolutely nothing we can do to protect ourselves from clients claiming a refund of the transaction.

While we acknowledge that consumers should be protected, this system clearly offers scope for the less scrupulous and fraudsters to order and pay for goods then to reclaim a refund when the goods arrive.

Have you come across this or any other “loopholes” that make small businesses vulnerable in a similar way?